[compiler-rt] [asan] Rewrite Windows/heaprealloc_alloc_zero check to avoid dereference (PR #156211)

Sat Aug 30 14:54:35 PDT 2025

llvmbot wrote:




@llvm/pr-subscribers-compiler-rt-sanitizer

Author: Thurston Dang (thurstond)

<details>
<summary>Changes</summary>

The test checks that 1-byte is allocated when malloc(0) is called, by dereferencing the pointer.
https://github.com/llvm/llvm-project/pull/155943 changed ASan to consider the dereference to be a heap buffer overflow. This patch changes the test to check the allocated size is still 1-byte, but not dereference the pointer.

This aims to fix the breakage reported in https://github.com/llvm/llvm-project/pull/155943#issuecomment-3239543505

---
Full diff: https://github.com/llvm/llvm-project/pull/156211.diff


1 Files Affected:

- (modified) compiler-rt/test/asan/TestCases/Windows/heaprealloc_alloc_zero.cpp (+7-1) 


``````````diff

diff --git a/compiler-rt/test/asan/TestCases/Windows/heaprealloc_alloc_zero.cpp b/compiler-rt/test/asan/TestCases/Windows/heaprealloc_alloc_zero.cpp
index 8b0bc71b9f5db..e9be0d5b4c7df 100644
--- a/compiler-rt/test/asan/TestCases/Windows/heaprealloc_alloc_zero.cpp
+++ b/compiler-rt/test/asan/TestCases/Windows/heaprealloc_alloc_zero.cpp
@@ -3,13 +3,19 @@
 // UNSUPPORTED: asan-64-bits
 #include <cassert>
 #include <iostream>
+#include <sanitizer/allocator_interface.h>
 #include <windows.h>
 
 int main() {
   void *ptr = malloc(0);
   if (ptr)
     std::cerr << "allocated!\n";
-  ((char *)ptr)[0] = '\xff'; //check this 'allocate 1 instead of 0' hack hasn't changed
+
+  // Check the 'allocate 1 instead of 0' hack hasn't changed
+  // Note that as of b3452d90b043a398639e62b0ab01aa339cc649de, dereferencing
+  // the pointer will be detected as a heap-buffer-overflow.
+  if (__sanitizer_get_allocated_size(ptr) != 1)
+    return 1;
 
   free(ptr);
 

``````````

</details>


https://github.com/llvm/llvm-project/pull/156211
